Scripts

NFC CreditCard Reader
Program based on readnfccc (by Renaud Lifchitz) to read some private data from credit cards, like cardholder, Permanent Account Number (PAN), expiry date, etc., using NFC technology. It has been tested with Spanish contactless credit cards, but can also be used with other countries cards.

writeURItoNFCtag
Simple script to write any URI to an NFC tag. Using the 0x00 URI type we can write any type of URI in the tag, without thinking about it. Based on the helloworld.py (nfcpy) script.

twitCheck
Simple script to show details of a given Twitter account: inactivity of friends, new and lost followers, etc.

PDFAnalyzer
Script to analyze malicious PDF files containing obfuscated Javascript code. It uses Spidermonkey to execute the found Javascript code and showing the shellcode to be launched. Sometimes it's not able to deobfuscate the code, but you can specify the parameter -w to write to disk the Javascript code, helping to carry out a later manual analysis. Its output has five sections where you can find trigger events (/OpenAction and /AA), suspicious actions (/JS, /Launch, /SubmitForm and /ImportData), vulnerable elements, escaped bytes and URLs, which can be useful to get an idea of the file risk.

js2shellcode
Little script to obtain a printable (C style) shellcode from the escaped Javascript code. It also writes to shellcode.out the resulted bytes.

shellcode2js
Little script to obtain an escaped Javascript shellcode from a C style shellcode or a binary file containing the shellcode.

ZlibStreams
This script compress/decompress a specified string or file using the Zlib library. If the input is a file and the method used is decompression, then the script looks for the streams compressed with the /FlateDecode filter, so it's focused on PDF files.

XORBruteForcer
Script that implements a XOR bruteforcing of a given file, although a specific key can be used too. It's possible to look for a word in the xored result, minimizing the output.

HostsGrabber
Script which returns a list of hostnames of the given domain (and their resolved IPs) contained in the given URL. The request can be recursive. This is useful to map all the hosts of one organization.

GeoLoc
Given one host (domain or IP) returns its geolocalization (based on GeoIpTool.com).